[El-errata] ELSA-2016-2582 Moderate: Oracle Linux 7 nettle security and bug fix update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu Nov 10 10:59:16 PST 2016
Oracle Linux Security Advisory ELSA-2016-2582
http://linux.oracle.com/errata/ELSA-2016-2582.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
nettle-2.7.1-8.el7.i686.rpm
nettle-2.7.1-8.el7.x86_64.rpm
nettle-devel-2.7.1-8.el7.i686.rpm
nettle-devel-2.7.1-8.el7.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/nettle-2.7.1-8.el7.src.rpm
Description of changes:
[2.7.1-8]
- Use a cache-silent version of mpz_powm to prevent cache-timing
attacks against RSA and DSA in shared VMs. (#1364897,CVE-2016-6489)
[2.7.1-5]
- Fixed SHA-3 implementation to conform to final standard (#1252936)
- Fixed CVE-2015-8803 CVE-2015-8804 CVE-2015-8805 which caused issues
in secp256r1 and secp384r1 calculations (#1314374)
More information about the El-errata
mailing list